How to create a configuration profile in Microsoft Endpoint Manager

Sometimes you need to perform configuration changes that the basic administrative tools of Microsoft 365 were not designed to handle. For those, Endpoint Manager, also known as Intune, is recommended.

cybersecurity concept

Image: iStock/Blue Planet Studio

Managing and administering Microsoft 365 users and devices is generally handled through the basic administrative tools accessible from the productivity suite's applications menu. All you need is the right login credentials and the know-how to make your changes.

However, sometimes you need to perform configuration changes that the basic administrative tools were not designed to handle. For those occasions, Microsoft recommends the use of its Endpoint Manager admin center, sometimes referred to as Microsoft Intune. Microsoft Endpoint Manager allows admins to configure settings for devices, applications, and security services.

SEE: Checklist: Securing Windows 10 systems (TechRepublic Premium)

This how-to tutorial shows you how to access the Microsoft Endpoint Manager admin center and setup a configuration profile that we can use to change configuration settings for devices existing within an enterprise.

How to create a configuration profile in Microsoft Endpoint Manager

To get the most out of Microsoft Endpoint Manager you will need a subscription to both Microsoft 365 and Microsoft Azure. You will also need to connect those services together and have them synchronize with each other. It is important to note that the connection and the syncing process is not automatic—you'll have to perform those tasks manually.

The first step is to login to Microsoft Endpoint Manager by navigating to the website (endpoint.microsoft.com) and logging in with your administrative credentials. You should see a dashboard screen that looks something like the one shown in Figure A.

Figure A

a-create-configuration-profile-endpoint.jpg

For our example, we are going to create a configuration profile we can use to manage and configure operations across our enterprise. In the left-hand navigation pane of our Endpoint dashboard, find and click on the Devices entry. Then click on the Configuration Profiles entry on the sub menu, as shown in Figure B.

Figure B

b-create-configuration-profile-endpoint.jpg

As you can see, we don't have a profile yet. Click the + Create profile tab to open the profile configuration screen. The first question asks us to select a platform. As you can see in the dropdown menu (Figure C) there are several platform choices. We will select Windows 10 and later for our example.

Figure C

c-create-configuration-profile-endpoint.jpg

Next, we will select a profile type. Once again, we will be presented with a multitude of choices (Figure D), but we will select Administrative Templates for this example. Click the Create button to complete the initial process.

Figure D

d-create-configuration-profile-endpoint.jpg

Enter a name for the new profile and provide a description if you wish. Click the Next button to proceed to another list. From this list we can choose which configuration settings we will associate with our newly created profile. This list is long, but now that the profile is created, we can use it to configure applications, features, and devices in our enterprise.

Figure E shows you a few examples of common configuration profiles. With the Microsoft Endpoint Manager, an administrator can set storage rules, establish device policies, create security protocols, and numerous other settings for all devices logged into either Microsoft 365 or Azure.

Figure E

e-create-configuration-profile-endpoint.jpg

Microsoft Endpoint Manager provides a complete set of administrative tools for subscribers to Microsoft 365 and Azure. These tools are available to any business or organization regardless of size or enterprise status. It may be worthwhile for your admin (even if it is just you) to take a look at what is offered by this free set of tools.

Also see